420398e0cd98880ca739b14151f0707e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

420398e0cd98880ca739b14151f0707e_JaffaCakes118
Size

29KB
MD5

420398e0cd98880ca739b14151f0707e
SHA1

baa372bcfeb879dc960c1c62e99e9761df6072ff
SHA256

585fb3ec1f7f84a34a64e14636d826378ae5c89b17ce684b64c7e20f071d626b
SHA512

9385e13345692a7766f17573436f15fd5d617f4c8ecab7a6529cfec47bfe0751459cb2d7e84a095125a07f09add3dc03cf5c86894e6d5b6356a7822e30883d97
SSDEEP

384:KNNe06t9hckOYlpbZkYD26xLRQMxm+m2uS8SqQ+lLXqMSVFZPJzz8WIHTcN:+eP9h+GdQM8PdHRxWwTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
420398e0cd98880ca739b14151f0707e_JaffaCakes118

Files

420398e0cd98880ca739b14151f0707e_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJHJKFDSA

Sections

CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ